- From: Jonas Sicking <notifications@github.com>
- Date: Mon, 28 Mar 2016 10:31:53 -0700
- To: whatwg/fetch <fetch@noreply.github.com>
Received on Monday, 28 March 2016 17:32:23 UTC
I don't really have a strong reason for feeling more ok with `*` in ACEH than for the other AC* headers. My thinking was mainly that it's less likely that headers contain personal data in general. This isn't an argument for allowing `*` for ACAH since the concern there isn't about leaking private data, but rather about triggering dangerous side effects on the server. I'm totally fine with allowing `*` in ACEH only for credential-less requests. It certainly makes things more consistent. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/issues/252#issuecomment-202498790
Received on Monday, 28 March 2016 17:32:23 UTC